Memberships

CISSP Study Group

1.5k members • Free

36 contributions to CISSP Study Group
CISSP Practice Question – BC/DR
A financial institution is designing its disaster recovery strategy. Management states that after a disruption, customer-facing services must be restored within four hours, and no more than 30 minutes of customer transaction data can be lost. Which of the following BEST describes these requirements?
A. RTO = 30 minutes, RPO = 4 hours
B. RTO = 4 hours, RPO = 30 minutes
C. RTO = 4 hours, RPO = 4 hours
D. RTO = 30 minutes, RPO = 30 minutes
0 likes • 5h
B. RTO = 4 hours (Recovery Time Objective), RPO = 30 minutes (Recovery Point Objective; the maximum amount of info that can be lost without impacting the customer service, might be an indication about the backup frequency?)
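As an added example (not part of the original post or the commenter's answer), the RPO/RTO figures above can be checked against actual backup and recovery data rather than just stated. The script below is hypothetical: it parses a constructed backup log, computes the worst-case data-loss window (the largest gap between consecutive backups, which is what the RPO really constrains), the data that would be lost for a given incident time, and whether a recovery finished within the RTO. The log timestamps, the 4-hour/30-minute targets and all function names are assumptions for illustration.

```python
from datetime import datetime, timedelta

RTO = timedelta(hours=4)      # customer-facing services restored within 4 hours
RPO = timedelta(minutes=30)   # at most 30 minutes of transaction data lost

# Constructed sample log (hypothetical, not real data): completion time and
# type of each backup of the transaction database. Note the missed 11:00 run.
BACKUP_LOG = """\
2025-06-20T09:00:00 full
2025-06-20T09:30:00 incremental
2025-06-20T10:00:00 incremental
2025-06-20T10:30:00 incremental
2025-06-20T11:30:00 incremental
2025-06-20T12:00:00 incremental
"""


def parse_backup_log(text):
    """Return the sorted list of backup completion times found in the log."""
    times = []
    for line in text.splitlines():
        if not line.strip():
            continue
        stamp, _kind = line.split()
        times.append(datetime.fromisoformat(stamp))
    return sorted(times)


def worst_case_gap(times):
    """Largest interval between consecutive backups. An incident just before a
    backup completes loses this much data, so this is the effective RPO the
    schedule can guarantee."""
    return max((b - a for a, b in zip(times, times[1:])), default=timedelta(0))


def data_lost_at(times, incident):
    """Transaction data created after the last backup completed before the incident."""
    before = [t for t in times if t <= incident]
    if not before:
        raise ValueError("no backup completed before the incident")
    return incident - max(before)


def rpo_met(times, rpo=RPO):
    """True if the backup schedule never leaves more than `rpo` of data exposed."""
    return worst_case_gap(times) <= rpo


def rto_met(outage_start, service_restored, rto=RTO):
    """True if the service was restored within `rto` of the outage starting."""
    return service_restored - outage_start <= rto


if __name__ == "__main__":
    times = parse_backup_log(BACKUP_LOG)
    incident = datetime(2025, 6, 20, 10, 47)
    print("worst-case exposure:", worst_case_gap(times), "RPO met:", rpo_met(times))
    print("data lost at", incident, ":", data_lost_at(times, incident))
    print("RTO met:", rto_met(incident, datetime(2025, 6, 20, 14, 20)))
```

The point of `worst_case_gap` is that a single 30-minute target is only honoured if every gap in the schedule stays at or under 30 minutes; one missed run (the 10:30 to 11:30 gap in the constructed log) silently doubles the exposure even though the nominal frequency is correct. Feeding real backup job history into this kind of check is a cheap way to verify the RPO continuously rather than only during a DR test.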
CISSP Practice Question (Communication and Network Security - Hard):
A large financial institution has recently suffered a breach due to inadequate network monitoring. As a CISSP professional, you have been tasked with designing a comprehensive network monitoring strategy to detect and respond to potential threats in real-time. The institution's network is complex, with multiple branches worldwide, using a mix of cloud and on-premises services. It is crucial to have visibility into encrypted traffic without compromising data integrity or performance. Which approach should be implemented to achieve these objectives effectively?
Options:
A. Deploy a network-based intrusion detection system (NIDS) capable of decrypting SSL/TLS traffic for analysis.
B. Implement Secure Sockets Layer (SSL) bridging at the firewall to decrypt and inspect traffic, then re-encrypt before forwarding.
C. Utilize endpoint-based monitoring tools that can decrypt traffic locally for analysis before it enters the network.
D. Adopt an advanced network traffic analytics platform that leverages machine learning to identify anomalies in encrypted traffic without decryption.
0 likes • 1d
D
CISSP Practice Question (Identity and Access Management (IAM) - Hard):
A multinational corporation, TechGlobal, is planning to establish an identity federation with a partner company, SecureData Inc., to facilitate seamless access for its employees to SecureData's proprietary data analysis tools. Both companies use different identity providers and authentication mechanisms. TechGlobal uses an LDAP-based system for authentication, while SecureData uses SAML for its web applications. To ensure secure and efficient user access, what is the most appropriate approach for TechGlobal to implement identity federation, considering the technical compatibilities and the need for secure data exchange?
Options:
A. Integrate TechGlobal's LDAP system directly with SecureData's SAML-based applications.
B. Implement a SAML-based identity provider at TechGlobal and establish a federated trust with SecureData's identity provider.
C. Use a third-party identity broker that supports both LDAP and SAML to mediate between TechGlobal and SecureData.
D. Develop a custom API solution to translate LDAP authentication requests into SAML assertions.
Come back for the answer tomorrow! Study more at https://cissp.app
0 likes • 1d
C
CISSP Practice Question! Password Testing Approaches
If you were tasked with testing an organization’s password security, what would you prioritize first: trying credential stuffing with real-world breach data, attempting brute force against weak accounts, or assessing the organization’s password policy and controls? From a CISSP perspective, which approach best balances technical depth with business risk?
0 likes • 1d
c
CISSP Practice Question – Security Governance
Which of the following BEST ensures that information security aligns with business objectives and is supported at the highest level of the organization?
A. Establishing detailed technical standards for system hardening
B. Implementing security awareness training across the organization
C. Obtaining executive sponsorship for the information security program
D. Conducting regular penetration testing of critical systems
0 likes • 1d
C
Mario Baron Aparicio
@mario-baron-aparicio-5615
Dedicated professional pursuing CISSP to enhance expertise in cybersecurity area and contribute to security services within the Telco/IT industry

Active 5h ago
Joined Jun 20, 2025